Skip to content

Commit

Permalink
Merge pull request #120 from sonatype-nexus-community/Issue_119-link-…
Browse files Browse the repository at this point in the history
…doco-sign-commits

Add link to docs about how to sign git commits when missing commit sigs detected.
  • Loading branch information
madpah authored Oct 1, 2024
2 parents 62e2338 + e5ff241 commit 8e83b38
Show file tree
Hide file tree
Showing 2 changed files with 69 additions and 16 deletions.
49 changes: 33 additions & 16 deletions github/github.go
Original file line number Diff line number Diff line change
Expand Up @@ -343,24 +343,11 @@ func EvaluatePullRequest(logger *zap.Logger, postgres db.IClaDB, evalInfo *types
}
}

message := `Thanks for the contribution. Unfortunately some of your commits don't meet our standards. All commits must be signed and have author information set.
The commits to review are:
%s`
commitsMessage := ""
for _, c := range commitsMissingAuthor {
commitsMessage += fmt.Sprintf(`- <a href="%s">%s</a> - missing author :cop:
`, *c.HTMLURL, *c.SHA)
}
for _, c := range commitsMissingVerification {
commitsMessage += fmt.Sprintf(`- <a href="%s">%s</a> - unsigned commit :key:
`, *c.HTMLURL, *c.SHA)
}
logger.Debug("Adding Comment to Issue", zap.Int("Issue #", int(evalInfo.PRNumber)), zap.String("Comment", fmt.Sprintf(message, commitsMessage)))
commentMessage := buildCommentMessage(commitsMissingAuthor, commitsMissingVerification)
logger.Debug("Adding Comment to Issue", zap.Int("Issue #", int(evalInfo.PRNumber)), zap.String("Comment", commentMessage))
_, err = addCommentToIssueIfNotExists(
client.Issues, evalInfo.RepoOwner, evalInfo.RepoName, int(evalInfo.PRNumber),
fmt.Sprintf(message, commitsMessage))
commentMessage)
if err != nil {
return err
}
Expand Down Expand Up @@ -444,6 +431,36 @@ The commits to review are:
return nil
}

const buildCommentPrefix = `Thanks for the contribution. Unfortunately some of your commits don't meet our standards. All commits must be signed and have author information set.
The commits to review are:
%s%s`

const buildCommentSuffixSignedCommits = `
See [Signed Commits](https://contribute.sonatype.com/docs/contributing/submitting/#signed-commits).
`

func buildCommentMessage(commitsMissingAuthor []github.RepositoryCommit, commitsMissingVerification []github.RepositoryCommit) string {

commitsMessage := ""
for _, c := range commitsMissingAuthor {
commitsMessage += fmt.Sprintf(`- <a href="%s">%s</a> - missing author :cop:
`, *c.HTMLURL, *c.SHA)
}
for _, c := range commitsMissingVerification {
commitsMessage += fmt.Sprintf(`- <a href="%s">%s</a> - unsigned commit :key:
`, *c.HTMLURL, *c.SHA)
}

buildCommentSuffix := ""
if len(commitsMissingVerification) > 0 {
buildCommentSuffix = buildCommentSuffixSignedCommits
}
commentMessage := fmt.Sprintf(buildCommentPrefix, commitsMessage, buildCommentSuffix)
return commentMessage
}

func createRepoStatus(repositoryService RepositoriesService, owner, repo, sha, state, description, botName string) error {
_, _, err := repositoryService.CreateStatus(context.Background(), owner, repo, sha, &github.RepoStatus{State: &state, Description: &description, Context: &botName})
if err != nil {
Expand Down
36 changes: 36 additions & 0 deletions github/github_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -500,6 +500,40 @@ func TestHandlePullRequestMissingPemFile(t *testing.T) {
assert.EqualError(t, err, "could not read private key: open the-cla.pem: no such file or directory")
}

func TestBuildCommentMessageEmptyArgs(t *testing.T) {
commentMessage := buildCommentMessage([]github.RepositoryCommit{}, []github.RepositoryCommit{})
assert.Equal(t, fmt.Sprintf(buildCommentPrefix, "", ""), commentMessage)
}

func TestBuildCommentMessageMissingAuthor(t *testing.T) {
myUrl := "https://github.com"
mySha := "sha"
commentMessage := buildCommentMessage([]github.RepositoryCommit{
{HTMLURL: &myUrl, SHA: &mySha},
}, []github.RepositoryCommit{})
assert.Equal(t, fmt.Sprintf(buildCommentPrefix, "- <a href=\"https://github.com\">sha</a> - missing author :cop:\n", ""), commentMessage)
}

func TestBuildCommentMessageMissingVerification(t *testing.T) {
myUrl := "https://github.com"
mySha := "sha"
commentMessage := buildCommentMessage([]github.RepositoryCommit{}, []github.RepositoryCommit{
{HTMLURL: &myUrl, SHA: &mySha},
})
assert.Equal(t, fmt.Sprintf(buildCommentPrefix, "- <a href=\"https://github.com\">sha</a> - unsigned commit :key:\n", buildCommentSuffixSignedCommits), commentMessage)
}

func TestBuildCommentMessageMissingAuthorAndVerification(t *testing.T) {
myUrl := "https://github.com"
mySha := "sha"
commentMessage := buildCommentMessage([]github.RepositoryCommit{
{HTMLURL: &myUrl, SHA: &mySha},
}, []github.RepositoryCommit{
{HTMLURL: &myUrl, SHA: &mySha},
})
assert.Equal(t, fmt.Sprintf(buildCommentPrefix, "- <a href=\"https://github.com\">sha</a> - missing author :cop:\n- <a href=\"https://github.com\">sha</a> - unsigned commit :key:\n", buildCommentSuffixSignedCommits), commentMessage)
}

func TestHandlePullRequestListCommitsNoAuthor(t *testing.T) {
origGHAppIDEnvVar := os.Getenv(EnvGhAppId)
defer func() {
Expand Down Expand Up @@ -561,6 +595,8 @@ The commits to review are:
- <a href="https://github.com">johnSHA</a> - missing author :cop:
- <a href="https://github.com">johnSHA</a> - unsigned commit :key:
See [Signed Commits](https://contribute.sonatype.com/docs/contributing/submitting/#signed-commits).
`,
)},
}, // comment
Expand Down

0 comments on commit 8e83b38

Please sign in to comment.